antoniomika/sish

Docker compose with lets encrypt

chmuche opened this issue · 1 comments

In the README.md this part gets me confused : https://github.com/antoniomika/sish/blob/main/README.md?plain=1#L51-L58

If I understand the doc the ln part is to use the certificate generated by the letsencrypt service for https redirect.
What I really don't understand is the ln never work, neither inside the docker.

I have nothing inside /etc/letsencrypt for now and the https redirect don't work, that why I open this issue.

The ln is actually supposed to be run on the host.

In the docker-compose file I include with sish, it maintains a different /etc/letsencrypt than that on the host. I did it this way because I use a separate certbot instance on my host vs the docker container and want to keep them separate.

What we're doing is creating a symlink to a file that does not exist on the host machine. We're creating a symlink to tell sish to look for the dnsrobocert letsencrypt certs when loading private keys and certificates. We could try to tell sish to check that directory specifically (/etc/letsencrypt/live/<domain>/), but this would cause a problem as sish tries to look for file pairs like <domain>.key and <domain>.crt. Therefore, no certificate would be loaded.